<?php
/**
 * Created by PhpStorm.
 * User: Weizehua
 * Date: 8/6/2016
 * Time: 16:17
 */
// save flags using mysql
// -------------------------------------------------------------------------------------------------------
// Constants
// -------------------------------------------------------------------------------------------------------
$db_user = 'shell';
$db_password = '0403';
$db = 'shell';

// -------------------------------------------------------------------------------------------------------
// Classes
// -------------------------------------------------------------------------------------------------------
class Flag
{
    public $id;
    public $flag;
    public $server;
    public $datetime;
}

// -------------------------------------------------------------------------------------------------------
// Functions
// -------------------------------------------------------------------------------------------------------
function create_mysqli()
{
    global $db_user, $db_password, $db;
    return new mysqli('localhost', $db_user, $db_password, $db);
}

function flag_exist($flag)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT count(*) FROM flags WHERE flag=?;");
    $stmt->bind_param('s', $flag);
    $stmt->execute();
    $stmt->bind_result($res);
    $stmt->fetch();
    if ($res[0] > 0)
        return true;
    return false;
}

function flags_insert(Flag $flag)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("INSERT INTO flags (server, flag) VALUES (?, ?);");
    $stmt->bind_param('ss', $flag->server, $flag->flag);
    return $stmt->execute();
}

function flags_delete($flag)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("DELETE FROM flags WHERE flag = ?;");
    $stmt->bind_param('s', $flag);
    return $stmt->execute();
}

function flags_query($from, $limit = 10)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT id, server, datetime, flag FROM flags LIMIT ?, ?;");
    $stmt->bind_param('ii', $from, $limit);
    $stmt->execute();
    $stmt->bind_result($id, $s, $d, $f);
    $flags = array();
    while ($stmt->fetch())
    {
        $flag = new Flag();
        $flag->id = $id;
        $flag->server = $s;
        $flag->datetime = $d;
        $flag->flag = $f;
        array_push($flags, $flag);
    }
    return $flags;
}

function flags_query_by_server($server, $from, $limit = 10)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT server, datetime, flag FROM flags WHERE server=? LIMIT ?, ?;");
    $stmt->bind_param('sii', $server, $from, $limit);
    $stmt->execute();
    $stmt->bind_result($id, $s, $d, $f);
    $flags = array();
    while ($stmt->fetch())
    {
        $flag = new Flag();
        $flag->id = $id;
        $flag->server = $s;
        $flag->datetime = $d;
        $flag->flag = $f;
        array_push($flags, $flag);
    }
    return $flags;
}

function flags_query_servers()
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT DISTINCT server FROM flags;");
    $stmt->execute();
    $stmt->bind_result($s);
    $servers = array();
    while ($stmt->fetch())
    {
        array_push($servers, $s);
    }
    return $servers;
}

function flags_clear()
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("TRUNCATE `shell`.`flags`;");
    return $stmt->execute();
}

function db_flag_exist()
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SHOW TABLES LIKE 'flags';");
    $stmt->execute();
    $stmt->bind_result($s);
    if ($stmt->fetch())
    {
        return $s;
    }
    return false;
}
function db_flags_set_up()
{
    $mysqli = create_mysqli();
    return $mysqli->query(<<<SQL
                    CREATE TABLE `flags` (
                        `id` int(11) NOT NULL AUTO_INCREMENT,
                        `flag` varchar(100) DEFAULT NULL,
                        `server` varchar(45) DEFAULT NULL,
                        `datetime` timestamp NULL DEFAULT CURRENT_TIMESTAMP,
                        PRIMARY KEY (`id`),
                        UNIQUE KEY `id_UNIQUE` (`id`),
                        UNIQUE KEY `flag_UNIQUE` (`flag`),
                        KEY `index_server` (`server`,`datetime`),
                        KEY `index_datetime` (`datetime`),
                        KEY `index_flag` (`flag`)
                    );
SQL
    );
}

function db_injects_set_up()
{
    $mysqli = create_mysqli();
    return $mysqli->query(<<<SQL
                            CREATE TABLE `injects` (
                                `id` int(11) NOT NULL AUTO_INCREMENT,
                              `wormFile` varchar(45) DEFAULT NULL,
                              `server` varchar(45) DEFAULT NULL,
                              `path` varchar(45) DEFAULT NULL,
                              PRIMARY KEY (`id`),
                              UNIQUE KEY `id_UNIQUE` (`id`),
                              KEY `index_server` (`server`,`wormFile`),
                              KEY `index_worm` (`wormFile`),
                              KEY `index_path` (`path`)
                            ) ;
SQL
    );
}
class Inject
{
    public $id;
    public $wormFile;
    public $server;
    public $path;
}
function injects_insert(Inject $inject)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("INSERT INTO injects (wormFile, server, path) values (?, ?, ?);");
    $stmt->bind_param('sss', $inject->wormFile, $inject->server, $inject->path);
    return $stmt->execute();
    
}
function injects_delete(Inject $id)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("DELETE FROM injects WHERE id = ?;");
    $stmt->bind_param('s', $id);
    return $stmt->execute();
}
function injects_query($from, $limit = 10)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT id, wormFile, server, path FROM injects LIMIT ?, ?;");
    $stmt->bind_param('ii', $from, $limit);
    $stmt->execute();
    $stmt->bind_result($id, $w, $s, $p);
    $injects = array();
    while ($stmt->fetch())
    {
        $inject = new Inject();
        $inject->id = $id;
        $inject->wormFile = $w;
        $inject->server = $s;
        $inject->path = $p;
        array_push($injects, $inject);
    }
    return $injects;
}
function injects_query_by_server($server, $from, $limit)
{
    $mysqli = create_mysqli();
    $stmt = $mysqli->prepare("SELECT id, wormFile, server, path FROM injects WHERE server=? LIMIT ?, ?;");
    $stmt->bind_param('sii', $server, $from, $limit);
    $stmt->execute();
    $stmt->bind_result($id, $w, $s, $p);
    $injects = array();
    while ($stmt->fetch())
    {
        $inject = new Inject();
        $inject->id = $id;
        $inject->wormFile = $w;
        $inject->server = $s;
        $inject->path = $p;
        array_push($injects, $inject);
    }
    return $injects;
}
